HOT TOPICS:

Target names new data chief; plans more secure payment card

By Anne D'InnocenzioAssociated Press

Posted:
04/29/2014 12:01:00 AM CDT

Updated:
04/29/2014 07:43:52 PM CDT

Target has announced more steps in its efforts to regain trust with its shoppers in the wake of a massive pre-Christmas data breach, including making its payment card more secure with so-called chip-and-PIN technology.

The Minneapolis-based retailer also said Tuesday that it named outsider Bob DeRodes, who has 40 years of experience in information technology, as its new chief information officer. He replaces Beth Jacob, who left in early March.

The nation's third-largest retailer said MasterCard Inc. will provide its branded credit and debit cards with chip-and-PIN technology that it says will be coming out next year. That will make Target the first major U.S. retailer that will have its own branded cards with this technology, experts say.

DeRodes has been a senior information technology adviser for the Center for CIO Leadership, the U.S. Department of Homeland Security, the secretary of defense and the Department of Justice. He will assume oversight of the company's technology team and operations, effective May 5.

"Establishing a clear path forward for Target following the data breach has been my top priority," Gregg Steinhafel, Target's chairman, president and CEO, said in a statement. "I believe Target has a tremendous opportunity to take the lessons learned from this incident and enhance our overall approach to data security and information technology."

Target said it is continuing its search for a chief information security officer and a chief compliance officer.

Target is still dealing with fallout from a massive breach that has hurt profits and sales and its reputation among shoppers worried about the security of their personal data. The company disclosed Dec. 19 that a data breach compromised 40 million credit and debit card accounts between Nov. 27 and Dec. 15. Then on Jan. 10, it said hackers stole personal information -- including names, phone numbers and email and mailing addresses -- from as many as 70 million customers.

In the wake of the breach, Target has been making changes, including overhauling some of its divisions that handle security and technology. The company has also been accelerating its $100 million plan to roll out chip-based credit card technology in all of its nearly 1,800 stores.

The new payment terminals will be in the stores by September, six months earlier than planned, Target reiterated. But the company said Tuesday that beginning in early 2015, Target will be able to accept these payments from all of its Target branded credit and debit cards. Existing Visa Inc. cards will be reissued as MasterCard co-branded chip-and PIN cards. Shoppers will be required to type in their personal identification numbers.

Target had long been an advocate for the widespread adoption of chip-and PIN card technology but hadn't outlined specific plans until now for its own branded cards.

Jason Oxman, CEO of the Electronics Transaction Association, which represents the payments technology industry, described the steps as "significant."

During a hearing on Capitol Hill on data security, John Mulligan, executive vice president, chief financial officer for Target, said its branded cards accounted for 15 percent of all the cards compromised. Of Target's various types of cards, only the REDcard Visa credit card has seen a small increase in fraud, about an 0.1 percent uptick.

While magnetic strips transfer a credit card number, chip cards use a one-time code that moves between the chip and the retailer's terminal, resulting in data that is useless except to the parties involved. They're also regarded as nearly impossible to copy, at least for now. The technology has been a standard in Europe and other regions for years.

But naysayers say the protections chips provide only go so far, noting that they don't prevent fraud in online commerce, where consumers still have to enter their credit card numbers. Some also point to other technologies as better long-term solutions.